yaws DoS

DoS

Open leoliu opened this issue 5 years ago • 2 comments

Make a HEAD or GET request using curl:

curl -I -H "transfer-encoding: chunked" url_to_yaws_server

which should tie up an acceptor for minutes. Start a few more such requests to tie up all acceptors.

Aug 08 '19 06:08 leoliu

I'll look into it. It's likely that some streaming process needs a timeout.

Aug 09 '19 13:08 vinoski

Replace transfer-encoding with content-length to get a similar issue. Post data with mismatching content-length also ties up an acceptor.

curl -H "content-length: 5" --data "abc" URL_YAWS_SERVER

There is also the case of a slow client for example one that connects and then sends one byte every 10 seconds (See Slowloris).

All these code paths eventually reach yaws:cli_recv/3 which do a recv on the socket with a default timeout #gconf.keepalive_timeout.

nginx seems to handle these cases safely and sensibly.

Aug 09 '19 16:08 leoliu